At XpresServers, we constantly strive to deliver total customer satisfaction with all our hosting services. That’s why we offer fast, reliable and secure service that’s backed by our friendly, knowledgeable support team, 24/7.

Debian

Updated Wednesday, May 20, 2020 by Linode
Written by Rajakavitha Kodhandapani

What is Certbot?

Certbot is a tool that automates the process of getting a signed certificate via Let’s Encrypt to use with TLS.

For most operating system and web server configurations, Certbot creates signed certificates, manages the web server to accept secure connections, and can automatically renew certificates it has created. In most cases, Certbot can seamlessly enable HTTPS without causing server downtime.

Before You Begin

Make sure you have registered a Fully Qualified Domain Name (FQDN) and set up A and AAAA DNS records that point to your Linode’s public IPv4 and IPv6 addresses. Consult our DNS Records: An Introduction and DNS Manager guides for help with setting up a domain.

Note

If you’re using Apache, change each instance of nginx to apache in the following sections.

Install the Certbot and web server-specific packages, then run Certbot:

sudo apt install certbot python-certbot-nginx
sudo certbot --nginx

Certbot will ask for information about the site. The responses will be saved as part of the certificate:

Certbot will also ask if you would like to automatically redirect HTTP traffic to HTTPS traffic. It is recommended that you select this option.

When the tool completes, Certbot will store all generated keys and issued certificates in the /etc/letsencrypt/live/$domain directory, where $domain is the name of the domain entered during the Certbot certificate generation step.

Note

Certbot recommends pointing your web server configuration to the default certificates directory or creating symlinks. Keys and certificates should not be moved to a different directory.

Finally, Certbot will update your web server configuration so that it uses the new certificate, and also redirects HTTP traffic to HTTPS if you chose that option.

If you have a firewall configured on your Linode, you may need to add Firewall Rules to allow incoming and outgoing connections to the HTTPS service. If you’re using UFW, you can enable HTTP and HTTPS traffic with the following commands:

Updated Wednesday, May 20, 2020 by LinodeContributed by Rajakavitha Kodhandapani

Java is one of the world’s most popular programming languages. Software written in Java can be compiled and run on any system, making Java a versatile platform that can be used to create anything from software to basic web applications. This guide will show you how to install the Open Java Development Kit (OpenJDK) 11 on Debian 10.

OpenJDK is the free and open-source implementation of the Oracle Java Standard Edition (Java SE) Development Kit. OpenJDK and Java SE are equivalent JDKs that include a Java runtime environment (JRE) and tools for developing and compiling Java applications.

While there are many available versions of OpenJDK, version 11 is the latest Long-Term-Support (LTS) release as of the time of this guide’s publication. For this reason, OpenJDK 11 is the recommended version for developing production applications.

Before You Begin

Familiarize yourself with our Getting Started guide and complete the steps for connecting to your Linode with SSH and setting your Linode’s hostname and timezone.

Complete the sections of our guide on Securing Your Server to create a standard user account, harden SSH access and remove unnecessary network services. This guide will use sudo commands wherever possible, which should be run by a limited, non-root user on your Linode.

Ensure your system is up-to-date:

sudo apt-get update && sudo apt-get upgrade

Install OpenJDK

Install the OpenJDK 11 development kit, which includes OpenJRE 11:

sudo apt-get install openjdk-11-jdk

Alternatively, if you simply want to run Java applications that you have already downloaded, you can choose to only install OpenJRE 11:

sudo apt-get install openjdk-11-jre

Note

While you can run Java applications directly with the JRE, your applications will be compiled every time they are executed. This is generally slower than running applications that have already been compiled into Java bytecode, and may not be suitable if you plan to execute applications many times.

Check the version of the JRE to verify that it has been properly installed: